Submitted URL: http://bestreview.app/sw/box/pr-s22-de-t1/index.html
Effective URL: https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Submission: On August 22 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 19 HTTP transactions. The main IP is 172.67.207.130, located in United States and belongs to CLOUDFLARENET, US. The main domain is bestreview.app.
TLS certificate: Issued by WE1 on July 19th 2024. Valid for: 3 months.
This is the only time bestreview.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

Requests  IP Address        AS     Autonomous System
18        172.67.207.130    13335  (CLOUDFLAR...)
1         2a04:4e42:600...  54113  (FASTLY)
19        2

Requests  Apex Domain     Subdomains                                   Transfer
18        bestreview.app  bestreview.app                               132 KB
1         jquery.com      code.jquery.com — Cisco Umbrella Rank: 1211  29 KB
19        2

Requests  Domain           Requested by
18        bestreview.app   bestreview.app
1         code.jquery.com  bestreview.app
19        2

This site contains links to these domains.

Domain
x2htk.bemobtrcks.com

Subject         Issuer                                          Validity                 Valid
bestreview.app  WE1                                             2024-07-19 - 2024-10-17  3 months
*.jquery.com    Sectigo ECC Domain Validation Secure Server CA  2024-06-25 - 2025-06-25  a year

This page contains 1 frame:

Primary Page: https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Frame ID: 0E54AB628D4ABA65B1C3682A190A8E00
Requests: 19 HTTP requests in this frame

Page Title

Hauptpreise warten darauf, eingefordert zu werden

Page URL History

  1. http://bestreview.app/sw/box/pr-s22-de-t1/index.html HTTP 307
    https://bestreview.app/sw/box/pr-s22-de-t1/index.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 161 kB
Size: 228 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.html
bestreview.app/sw/box/pr-s22-de-t1/
Redirect Chain
  • http://bestreview.app/sw/box/pr-s22-de-t1/index.html
  • https://bestreview.app/sw/box/pr-s22-de-t1/index.html
2 KB
1 KB
Document
General
Full URL
https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22fa7783333db7a7db7f44d4d0d8ec1b1b4006b882533bbf7883d39cf0cf47b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
28216
alt-svc
h3=":443"; ma=86400
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
cf-cache-status
DYNAMIC
cf-ray
8b70d4e74d6c698f-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 22 Aug 2024 06:33:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8gZ8PiFRsEWO7o5H6psqqmwWlHGELmufNMFJsG3zl7OjF0mocjtkJmLRFiMvxCG%2BoPNNlJESgJ20cokULs1RsB97%2FZIv2fhojvPfo9OAFXfK4UIQBlftKBZhSZDHYz%2Fzkg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01J5WCMK900C080ZZDDB6WV5CD

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Non-Authoritative-Reason
HSTS
style.css
bestreview.app/sw/box/box1/
5 KB
2 KB
Stylesheet
General
Full URL
https://bestreview.app/sw/box/box1/style.css
Requested by
Host: bestreview.app
URL: https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8857d19101998bbe10e569a78c0e76b0e83b03af7e6459cb91a6d356978b9ee0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bestreview.app/sw/box/pr-s22-de-t1/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J5WCMKF4YP91WA0GS34NCKH2
date
Thu, 22 Aug 2024 06:33:29 GMT
strict-transport-security
max-age=31536000
content-encoding
zstd
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"ad9b524c9b38c5a870a89eb8c2bc8abf-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6CH2b8aDxCXwZJymuLD4T8OmPAlgr0OBYs2g7%2Bx2S09v2PzT7TyHfO%2BAAeD1qgGcIek9geyHvDSgNdFvtNtjDYRLwY56bsSTFPu9JH0mlAN%2F5kOfry2MJiMecLIq0vEWpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
8b70d4e8ce82698f-FRA
alt-svc
h3=":443"; ma=86400
jquery-2.1.4.min.js
code.jquery.com/
82 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.1.4.min.js
Requested by
Host: bestreview.app
URL: https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

Referer
https://bestreview.app/
Origin
https://bestreview.app
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 22 Aug 2024 06:33:29 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3198587
x-cache
HIT, HIT
content-length
29519
x-served-by
cache-lga21971-LGA, cache-fra-etou8220113-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1724308410.854532,VS0,VE0
etag
W/"28feccc0-14979"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
55, 29789
text.js
bestreview.app/sw/box/pr-s22-de-t1/
3 KB
2 KB
Script
General
Full URL
https://bestreview.app/sw/box/pr-s22-de-t1/text.js
Requested by
Host: bestreview.app
URL: https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d820c99eacaa9d37fef9db2d1aa977dc675516ebfaa38101e9ce746a5c4b5751
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bestreview.app/sw/box/pr-s22-de-t1/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J5WCMKF6WVE6D1SANB7YVJNX
date
Thu, 22 Aug 2024 06:33:29 GMT
strict-transport-security
max-age=31536000
content-encoding
zstd
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
W/"7de793894a22276ab011ffe4d646231f-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KBb71gAuzCWh5pixxFvOR%2FWQN6kzFNeSKQLUBKmfXFXTWtQDdly3Y94oTdwvTrLH1GFq%2Bgt4uZeNJVj3rN8E9kjlUKXdzSbF3ViEO%2B6reLG64wxD745CvJexFVWL%2FrAgZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
8b70d4e8ce87698f-FRA
alt-svc
h3=":443"; ma=86400
main_script.js
bestreview.app/sw/box/pr-s22-de-t1/
5 KB
2 KB
Script
General
Full URL
https://bestreview.app/sw/box/pr-s22-de-t1/main_script.js
Requested by
Host: bestreview.app
URL: https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0dac436c24500d89fed8aa052762d82a1f034a5225edd8e31e59b0ee24a6b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bestreview.app/sw/box/pr-s22-de-t1/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J5WCMKJ0YY5H5AJ7P1SDQDK0
date
Thu, 22 Aug 2024 06:33:30 GMT
strict-transport-security
max-age=31536000
content-encoding
zstd
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"17717b0126bd3c027823cd8b2db51409-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6XMmdmCOBNYmN1%2B9KzF%2BBVX4QFygOm8uJPE3RtjfD%2BfBUYSIKTigqF8W3Bw3j7RL41S33h5df5vN7Eb18BZwwAI92H4jRBvwPGvzUnDMRCeUMBBwUxoW%2BYGHYBpjdJm86Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
8b70d4e8de89698f-FRA
alt-svc
h3=":443"; ma=86400
scripts-all-lps-top.js
bestreview.app/js/
1 KB
1 KB
Script
General
Full URL
https://bestreview.app/js/scripts-all-lps-top.js
Requested by
Host: bestreview.app
URL: https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b38def0b714e44c51061bf1b28a732c853c23dd6412a41ed11108919636930e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bestreview.app/sw/box/pr-s22-de-t1/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J5WCMKENWKY4RBW3M9TE92YC
date
Thu, 22 Aug 2024 06:33:30 GMT
strict-transport-security
max-age=31536000
content-encoding
zstd
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"e3549e0410bc52799f47ba11b06c479d-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jgPjJVRR29MECkVqItYSPD50Gvw6qN7tM1lxMjkfsn0qvvXWDofR75zd5o0XoNCBLseSBeG688ZuxN1SsNep9iNFUHwwkWjiZsNNv3KbjEQquAXJFj6kDsOV9mmlqL0Dsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
8b70d4e8de8b698f-FRA
alt-svc
h3=":443"; ma=86400
scripts-all-lps.js
bestreview.app/js/
911 B
1 KB
Script
General
Full URL
https://bestreview.app/js/scripts-all-lps.js
Requested by
Host: bestreview.app
URL: https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa1b1d35eaf1ef5cc8e11397880c749c13fc3f4c24b6fee52547473eeaeaa0d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bestreview.app/sw/box/pr-s22-de-t1/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J5TAC2S3RJSYBHBQ0CWDMWKA
date
Thu, 22 Aug 2024 06:33:29 GMT
strict-transport-security
max-age=31536000
content-encoding
zstd
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1412
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"6f394a0ea0bd2c7663f65e7b60ad042f-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SqJSVQNgGo25k7Mi5uVlTpXkDtF4CsPh5sLUf1GJuYqHc6ScUCHuCg0thT3M4oRzgi%2BokML%2FBAGHJ0pmu8Oz0M1W%2FuLJPGjI3KX5jDLlz8hqAzlYwa4Ub8oOHvQaOw668A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
8b70d4e8de8e698f-FRA
scripts-all-lps.js
bestreview.app/js/
911 B
0
Script
General
Full URL
https://bestreview.app/js/scripts-all-lps.js
Requested by
Host: bestreview.app
URL: https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa1b1d35eaf1ef5cc8e11397880c749c13fc3f4c24b6fee52547473eeaeaa0d9

Request headers

Referer
https://bestreview.app/sw/box/pr-s22-de-t1/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J5TAC2S3RJSYBHBQ0CWDMWKA
date
Thu, 22 Aug 2024 06:33:29 GMT
content-encoding
zstd
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1412
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"6f394a0ea0bd2c7663f65e7b60ad042f-ssl-df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SqJSVQNgGo25k7Mi5uVlTpXkDtF4CsPh5sLUf1GJuYqHc6ScUCHuCg0thT3M4oRzgi%2BokML%2FBAGHJ0pmu8Oz0M1W%2FuLJPGjI3KX5jDLlz8hqAzlYwa4Ub8oOHvQaOw668A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
8b70d4e8de8e698f-FRA
l.png
bestreview.app/sw/box/box1/
175 B
698 B
Image
General
Full URL
https://bestreview.app/sw/box/box1/l.png
Requested by
Host: bestreview.app
URL: https://bestreview.app/sw/box/box1/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2afc36927f6530f2e793065e7e077ddba745cf85dd81eedf5633025ba80924bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bestreview.app/sw/box/box1/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J5WCMKX6JY3P9GMWYXVEJ7M3
date
Thu, 22 Aug 2024 06:33:30 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
175
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"df319fc0fdb3593bf109ff23cfdf2ad1-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6a2Sh8S9NgdO%2F9tQNpAuM%2BEWIYKfSSRK3OztPl9S2TA80CPG3uU5DVTtso6cZtJmJvi4IKKsTQotVCO4cibGWZ7pCpQSkg1PJuPZJ5oA0%2FzU9ngvXx66glqYBOGRJMkrpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8b70d4ebf967698f-FRA
1.png
bestreview.app/img/reviewers/
4 KB
4 KB
Image
General
Full URL
https://bestreview.app/img/reviewers/1.png
Requested by
Host: bestreview.app
URL: https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d09cef39076ea05b232f8d9cb60849db44db2e51392bf5841b6cfa7e53be00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bestreview.app/sw/box/pr-s22-de-t1/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J5TAC2S70NWB33FQD9NF3B8J
date
Thu, 22 Aug 2024 06:33:30 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3851
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"cfb12627eb9aa5a23f845fee89048ad6-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oiPMUYbu%2BeSvN5PGOlaxPdia2ZheS5p61JQmrV4KzfuJMAjfFLhTBkhkfBIi4FXFrwve56hkIVwnV27vURPrRxSW9CwOXjLGw%2B8C4TvQXxDbwKySDDqesAyCZwSOvdYKKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8b70d4ed8b00698f-FRA
2.png
bestreview.app/img/reviewers/
4 KB
4 KB
Image
General
Full URL
https://bestreview.app/img/reviewers/2.png
Requested by
Host: bestreview.app
URL: https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12cc9731a311d0b29aea0c4216af33b20bcc958b65f60740821517b7034b4b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bestreview.app/sw/box/pr-s22-de-t1/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J5WCMM6MSGR530RJEA064D7B
date
Thu, 22 Aug 2024 06:33:30 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3904
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"e0ebde3e3854c4f293d8e26030610c77-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kNhPv%2F15GUVQZZWeOi7K4jf5i37LjZ0qMBE4vZz6juJQjVdSWBJ58oo%2B%2BOQDkZfo1qfgeNRmTTLNnXzxZx%2BcBcBIKBPWQigvaTEfr9g07cJyFDRoIRnwKyupMma5gUhOlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8b70d4ed8b02698f-FRA
3.png
bestreview.app/img/reviewers/
3 KB
4 KB
Image
General
Full URL
https://bestreview.app/img/reviewers/3.png
Requested by
Host: bestreview.app
URL: https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b6946c28a3d2da5b9dd9632aa80fb85b8883d052db771ec17489fd8473413ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bestreview.app/sw/box/pr-s22-de-t1/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J5WCMM5EHXD57Y77NQ5CXJ3B
date
Thu, 22 Aug 2024 06:33:30 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3111
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"b36437559e2e774cdd23ca533adf3660-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TZGT1WKkKZHH2nrUknctIOdds2uikE2U%2Fi54319D86IA%2B1czr63bA3WeQTTL9dl2gs739XOwZNrfaEzkB39WuKyDbdMnxMRiNz3n54Db%2FW%2B1kOe9YnhEJ5Og9hp1xV0mTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8b70d4ed8b05698f-FRA
4.png
bestreview.app/img/reviewers/
3 KB
3 KB
Image
General
Full URL
https://bestreview.app/img/reviewers/4.png
Requested by
Host: bestreview.app
URL: https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65c9b64dc0645a9d33257df0a2090b592c491055941d4e35cb78b42dc70d961f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bestreview.app/sw/box/pr-s22-de-t1/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J5WCMM593D2XYY1JNEZ7XQXR
date
Thu, 22 Aug 2024 06:33:30 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3042
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"727a5963d6c40cbcfad41617853ac814-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M7TFkV5TDWrLIrOChaAQlDxMnsMGC0Yd6Ff6DRk5lIMBiMuEAyDWJSUobobaMib34KaHsz0ZE4uzGDzfJRidC7MsTcmLOJaJjZz0gqYrjopkP6%2BASakblK7OIi0p46%2F70g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8b70d4ed8b07698f-FRA
5.png
bestreview.app/img/reviewers/
4 KB
4 KB
Image
General
Full URL
https://bestreview.app/img/reviewers/5.png
Requested by
Host: bestreview.app
URL: https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
332d5708e6189c34bcb8de6be39e5e7a7f5210ba4c5dec13887a13659a7fc053
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bestreview.app/sw/box/pr-s22-de-t1/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J5WCMM5FWB21TAMEY5BCTTY9
date
Thu, 22 Aug 2024 06:33:30 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3937
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"1196c5d4059e6a09847b4fa5b1c12612-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DxZhpUxdU0Td1vGYqrtYu3MrH0%2FHOTHqKA6NnJ17U1eSUMgr1RgXPYmy3uq09BDgI4QBqymMp%2FVyNjT1vaTZ8culsergJr9DThI2Jfqxr8Jq6hTyD1fsKCmqReBUz62S9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8b70d4ed8b09698f-FRA
6.png
bestreview.app/img/reviewers/
3 KB
4 KB
Image
General
Full URL
https://bestreview.app/img/reviewers/6.png
Requested by
Host: bestreview.app
URL: https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c9c2b5518312287d6377a38286b36d0025cb9bdc19d106e0ef358d0c9ecd156
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bestreview.app/sw/box/pr-s22-de-t1/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J5WCMM90K1D6303KA4QYJEEJ
date
Thu, 22 Aug 2024 06:33:30 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3117
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"4b7d915bb8c721b358e226dd79fc2a79-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FMWp%2BM8N1OejuzHwvw4gKCl%2FTgc5xzeMortf40csHZGCbDO2Pb7c5EW7J3O4X4yyJA7qfdvphSkoQKtPfa90lZNPClWOGiDjdnG7l4TyTBNi3OZ3J%2FYl1h5jZzasdpCB3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8b70d4ed8b0d698f-FRA
multi2.png
bestreview.app/pr/Am1k/
62 KB
62 KB
Image
General
Full URL
https://bestreview.app/pr/Am1k/multi2.png
Requested by
Host: bestreview.app
URL: https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
921b64192f781e7398490c8efc863bf649cfc0432a9a2ee8aa23ce247932c329
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bestreview.app/sw/box/pr-s22-de-t1/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J5WCMM5HBEQK8Q74JVPHS8HK
date
Thu, 22 Aug 2024 06:33:30 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
63357
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
"ecea22678d68a7448ad683bc4ae28fb8-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sDtEfCCwPXcXtTNaBr2kUmjJeTo2lMQQz7z3v%2B4Zh2RmIoRK2HbqFGE6xn%2BIjRkc%2BFCty0uX8VK7iLsgLGS27XXc8YkzRkcRo%2BRyvvvFJmvrDke2SQ3Y5cSwA0a50ny1Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8b70d4ed8b0e698f-FRA
s.png
bestreview.app/img/smileys/
10 KB
10 KB
Image
General
Full URL
https://bestreview.app/img/smileys/s.png
Requested by
Host: bestreview.app
URL: https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cdfdb1301d3d2c30a88cc6683062ce0f38867d5b62c4cb704855df748abc0ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bestreview.app/sw/box/pr-s22-de-t1/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J5WCMM5P2N9P1Q37PBQ9Q3GR
date
Thu, 22 Aug 2024 06:33:30 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
9775
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"94b3bc5f8389dd323fe717b02d95c637-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GWWkskSOARaCR%2Bjr4Nz9pdu%2B%2FFmpyPKA%2FMdp%2BHPBpwT8LgTq127J2M9o7HDKkN%2B0XOBowO5ouCf%2FKepDMw1fmwVf3eWvewLKVahh3Bs9NJCGqw0ejrTkSYpKE74WuEtLmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8b70d4ed8b11698f-FRA
a.png
bestreview.app/sw/box/box1/
21 KB
21 KB
Image
General
Full URL
https://bestreview.app/sw/box/box1/a.png
Requested by
Host: bestreview.app
URL: https://bestreview.app/sw/box/pr-s22-de-t1/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c473d8a2d02601a32761c5d22e1f7564205d3006a9d18e4a269183053ed3f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bestreview.app/sw/box/pr-s22-de-t1/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J5WCMM689K90W1RV5KFGNSAA
date
Thu, 22 Aug 2024 06:33:30 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
21047
server
cloudflare
cache-status
"Netlify Edge"; hit
etag
"50f102693f2d4c023aa5c763a0ad9523-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0MaZj%2BC4H0f659rItXmLkq1P%2BBBTEOBRID6HhrZZtkGDpQTvvVJ0SmRYmSQ%2F3giJlACqE%2FEpYUgijXm%2FbLCYTsrDF2q%2Fm%2BJEkInyq1khWTypQ7LtxF6p6yF8XVZk9iZYIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8b70d4ed8b14698f-FRA
favicon.ico
bestreview.app/
15 KB
5 KB
Other
General
Full URL
https://bestreview.app/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c530f807e35995d890a18523192cb2fea5e33ba870f5d2f3c6e80c9caa69fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bestreview.app/sw/box/pr-s22-de-t1/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nf-request-id
01J5WCMMHSVX3QDP9FNKYCMJJ8
date
Thu, 22 Aug 2024 06:33:31 GMT
strict-transport-security
max-age=31536000
content-encoding
zstd
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cache-status
"Netlify Edge"; fwd=miss
etag
W/"7f7657ad4f59e5ef9a018aa429849eb5-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eRFwG23nPXFx161K5HnVXxJvIvvCMpX3%2B%2BstpG2iBsV7phRqEP3zDpyjx5zo7XX2a1R6MHAyG3TwoiqROtjCxXNugVjgtZLIvwg0mioTkTbVgDENwlo0yFPJyE3%2BOa7x1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
public, max-age=14400, must-revalidate
cf-ray
8b70d4f01d3b698f-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
string| win
string| win_brand
string| win_box
string| title
string| o
string| a
string| a2
string| b
string| d
string| e
string| h
string| j
string| k
string| w
string| m_1_i
string| m_1_t
object| m_1_d
string| m_1_b
string| m_2_i
string| m_2_d_2
string| m_2_d_1
string| m_2_d
string| m_2_b
string| m_3_i
string| m_3_t
string| m_3_s
object| m_3_d
string| m_3_b
function| cl
function| y
function| getURLParameter
function| countdown
function| go
number| try_num
string| n
string| oc

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000